Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-1721
Vulnerability from cvelistv5
Published
2021-04-30 11:04
Modified
2024-08-04 06:46
Severity ?
EPSS score ?
Summary
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1777579 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1777579 | Issue Tracking, Patch, Third Party Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T06:46:30.633Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "pki-core", vendor: "n/a", versions: [ { status: "affected", version: "pki-core 10.10.5", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-30T11:04:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1721", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "pki-core", version: { version_data: [ { version_value: "pki-core 10.10.5", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-1721", datePublished: "2021-04-30T11:04:01", dateReserved: "2019-11-27T00:00:00", dateUpdated: "2024-08-04T06:46:30.633Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2020-1721\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-04-30T12:15:07.410\",\"lastModified\":\"2024-11-21T05:11:14.370\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.\"},{\"lang\":\"es\",\"value\":\"Se detectó un fallo en el Agent Service de Key Recovery Authority (KRA) en pki-core versión 10.10.5, donde no sanea apropiadamente el ID de recuperación durante una petición de recuperación de clave, permitiendo una vulnerabilidad de tipo cross-site scripting (XSS) reflejado. Un atacante podría engañar a una víctima autenticada para que ejecute un código Javascript especialmente diseñado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dogtagpki:dogtagpki:10.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F74D2549-D845-4550-A520-6487B2754665\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1777579\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1777579\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]}]}}", }, }
wid-sec-w-2024-3648
Vulnerability from csaf_certbund
Published
2021-03-15 23:00
Modified
2024-12-09 23:00
Summary
Red Hat Enterprise Linux pki-core: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Linux
- UNIX
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentifizierter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen oder Sicherheitsmaßnahmen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux\n- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3648 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2024-3648.json", }, { category: "self", summary: "WID-SEC-2024-3648 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3648", }, { category: "external", summary: "Red Hat Security Advisories vom 2021-03-15", url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0851 vom 2021-03-16", url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0851 vom 2021-03-18", url: "http://linux.oracle.com/errata/ELSA-2021-0851.html", }, { category: "external", summary: "CentOS Security Advisory CESA-2021:0851 vom 2021-03-19", url: "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2021-0851-Important-CentOS-7-pki-core-Security-Update-tp4646156.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0966 vom 2021-03-23", url: "https://access.redhat.com/errata/RHSA-2021:0966", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:0975 vom 2021-03-23", url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-0966 vom 2021-03-24", url: "https://linux.oracle.com/errata/ELSA-2021-0966.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2021:1263 vom 2021-04-20", url: "https://access.redhat.com/errata/RHSA-2021:1263", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2021-1630 vom 2021-04-22", url: "https://alas.aws.amazon.com/AL2/ALAS-2021-1630.html", }, { category: "external", summary: "Ubuntu Security Notice USN-7146-1 vom 2024-12-10", url: "https://ubuntu.com/security/notices/USN-7146-1", }, ], source_lang: "en-US", title: "Red Hat Enterprise Linux pki-core: Mehrere Schwachstellen", tracking: { current_release_date: "2024-12-09T23:00:00.000+00:00", generator: { date: "2024-12-10T13:22:16.793+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3648", initial_release_date: "2021-03-15T23:00:00.000+00:00", revision_history: [ { date: "2021-03-15T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2021-03-16T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-17T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2021-03-18T23:00:00.000+00:00", number: "4", summary: "Neue Updates von CentOS aufgenommen", }, { date: "2021-03-22T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-03-23T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2021-04-19T22:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2021-04-21T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-12-09T23:00:00.000+00:00", number: "9", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "9", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Open Source CentOS", product: { name: "Open Source CentOS", product_id: "1727", product_identification_helper: { cpe: "cpe:/o:centos:centos:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_version_range", name: "<7.6 Extended Update Support", product: { name: "Red Hat Enterprise Linux <7.6 Extended Update Support", product_id: "T018600", }, }, { category: "product_version", name: "7.6 Extended Update Support", product: { name: "Red Hat Enterprise Linux 7.6 Extended Update Support", product_id: "T018600-fixed", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7.6_extended_update_support", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2019-10146", notes: [ { category: "description", text: "In Red Hat Enterprise Linux \"pki-core\" existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im \"pki-ca Modul\" und dem \"Key Recovery Authority (KRA) Agent Service\" nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2019-10146", }, { cve: "CVE-2019-10179", notes: [ { category: "description", text: "In Red Hat Enterprise Linux \"pki-core\" existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im \"pki-ca Modul\" und dem \"Key Recovery Authority (KRA) Agent Service\" nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2019-10179", }, { cve: "CVE-2019-10221", notes: [ { category: "description", text: "In Red Hat Enterprise Linux \"pki-core\" existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im \"pki-ca Modul\" und dem \"Key Recovery Authority (KRA) Agent Service\" nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2019-10221", }, { cve: "CVE-2020-1721", notes: [ { category: "description", text: "In Red Hat Enterprise Linux \"pki-core\" existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im \"pki-ca Modul\" und dem \"Key Recovery Authority (KRA) Agent Service\" nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2020-1721", }, { cve: "CVE-2020-25715", notes: [ { category: "description", text: "In Red Hat Enterprise Linux \"pki-core\" existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden im \"pki-ca Modul\" und dem \"Key Recovery Authority (KRA) Agent Service\" nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Webbrowser zu öffnen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2020-25715", }, { cve: "CVE-2021-20179", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in Red Hat Enterprise Linux \"pki-core\". Die Schwachstelle besteht aufgrund eines Fehlers in der Schlüsselverwaltung, der die unendliche Erneuerung eines Zertifikats ermöglicht. Ein entfernter, authentifizierter Angreifer kann diese Sicherheitslücke ausnutzen, um Sicherheitsmaßnahmen zu umgehen.", }, ], product_status: { known_affected: [ "T018600", "T000126", "398363", "1727", "T004914", ], }, release_date: "2021-03-15T23:00:00.000+00:00", title: "CVE-2021-20179", }, ], }
rhsa-2021_0851
Vulnerability from csaf_redhat
Published
2021-03-16 13:53
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security and bug fix update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0851", url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1883639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1883639", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0851.json", }, ], title: "Red Hat Security Advisory: pki-core security and bug fix update", tracking: { current_release_date: "2024-11-22T16:02:53+00:00", generator: { date: "2024-11-22T16:02:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0851", initial_release_date: "2021-03-16T13:53:30+00:00", revision_history: [ { date: "2021-03-16T13:53:30+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-16T13:53:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.18-12.el7_9.noarch", product: { name: "pki-ca-0:10.5.18-12.el7_9.noarch", product_id: "pki-ca-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_id: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.18-12.el7_9.noarch", product: { name: "pki-kra-0:10.5.18-12.el7_9.noarch", product_id: "pki-kra-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.18-12.el7_9.noarch", product: { name: "pki-server-0:10.5.18-12.el7_9.noarch", product_id: "pki-server-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.18-12.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.18-12.el7_9.src", product: { name: "pki-core-0:10.5.18-12.el7_9.src", product_id: "pki-core-0:10.5.18-12.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.18-12.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_id: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_id: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_id: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.s390x", product: { name: "pki-tools-0:10.5.18-12.el7_9.s390x", product_id: "pki-tools-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
rhsa-2020_4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2024-12-29 18:30
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:4847", url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", }, { category: "external", summary: "1376706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1376706", }, { category: "external", summary: "1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "1406505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1406505", }, { category: "external", summary: "1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "1666907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666907", }, { category: "external", summary: "1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "1706521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1706521", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1721684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1721684", }, { category: "external", summary: "1724433", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1724433", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1732981", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732981", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1805541", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805541", }, { category: "external", summary: "1817247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817247", }, { category: "external", summary: "1821851", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1821851", }, { category: "external", summary: "1822246", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1822246", }, { category: "external", summary: "1824939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824939", }, { category: "external", summary: "1824948", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824948", }, { category: "external", summary: "1825998", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1825998", }, { category: "external", summary: "1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "1842734", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842734", }, { category: "external", summary: "1842736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842736", }, { category: "external", summary: "1843537", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843537", }, { category: "external", summary: "1845447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1845447", }, { category: "external", summary: "1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "1854043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854043", }, { category: "external", summary: "1854959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854959", }, { category: "external", summary: "1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "1855319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855319", }, { category: "external", summary: "1856368", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1856368", }, { category: "external", summary: "1857933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1857933", }, { category: "external", summary: "1861911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1861911", }, { category: "external", summary: "1869893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869893", }, { category: "external", summary: "1871064", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1871064", }, { category: "external", summary: "1873235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1873235", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json", }, ], title: "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", tracking: { current_release_date: "2024-12-29T18:30:19+00:00", generator: { date: "2024-12-29T18:30:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.4", }, }, id: "RHSA-2020:4847", initial_release_date: "2020-11-04T01:39:43+00:00", revision_history: [ { date: "2020-11-04T01:39:43+00:00", number: "1", summary: "Initial version", }, { date: "2020-11-04T01:39:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-29T18:30:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-deps:10.6:8030020200527165326:30b713e6", product: { name: "pki-deps:10.6:8030020200527165326:30b713e6", product_id: "pki-deps:10.6:8030020200527165326:30b713e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-deps@10.6:8030020200527165326:30b713e6", }, }, }, { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch", }, }, }, { category: "product_version", name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_id: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-core:10.6:8030020200911215836:5ff1562f", product: { name: "pki-core:10.6:8030020200911215836:5ff1562f", product_id: "pki-core:10.6:8030020200911215836:5ff1562f", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-core@10.6:8030020200911215836:5ff1562f", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src", }, }, }, { category: "product_version", name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_id: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src&epoch=1", }, }, }, { category: "product_version", name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_id: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src", }, }, }, { category: "product_version", name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_id: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, product_reference: "pki-core:10.6:8030020200911215836:5ff1562f", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, product_reference: "pki-deps:10.6:8030020200527165326:30b713e6", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, ], }, vulnerabilities: [ { cve: "CVE-2015-9251", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2016-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1399546", }, ], notes: [ { category: "description", text: "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting via cross-domain ajax requests", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-9251", }, { category: "external", summary: "RHBZ#1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-9251", url: "https://www.cve.org/CVERecord?id=CVE-2015-9251", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", }, ], release_date: "2015-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting via cross-domain ajax requests", }, { cve: "CVE-2016-10735", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668097", }, ], notes: [ { category: "description", text: "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the data-target attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-10735", }, { category: "external", summary: "RHBZ#1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-10735", url: "https://www.cve.org/CVERecord?id=CVE-2016-10735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", }, ], release_date: "2016-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the data-target attribute", }, { cve: "CVE-2018-14040", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601614", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14040", }, { category: "external", summary: "RHBZ#1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14040", url: "https://www.cve.org/CVERecord?id=CVE-2018-14040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", }, { cve: "CVE-2018-14042", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601617", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14042", }, { category: "external", summary: "RHBZ#1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14042", url: "https://www.cve.org/CVERecord?id=CVE-2018-14042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", }, { cve: "CVE-2019-8331", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1686454", }, ], notes: [ { category: "description", text: "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the tooltip or popover data-template attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-8331", }, { category: "external", summary: "RHBZ#1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-8331", url: "https://www.cve.org/CVERecord?id=CVE-2019-8331", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", }, ], release_date: "2019-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the tooltip or popover data-template attribute", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { cve: "CVE-2019-11358", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-03-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1701972", }, ], notes: [ { category: "description", text: "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11358", }, { category: "external", summary: "RHBZ#1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11358", url: "https://www.cve.org/CVERecord?id=CVE-2019-11358", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", }, { category: "external", summary: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { category: "external", summary: "https://www.drupal.org/sa-core-2019-006", url: "https://www.drupal.org/sa-core-2019-006", }, ], release_date: "2019-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { acknowledgments: [ { names: [ "@ZeddYu", ], organization: "Apache Tomcat Security Team", }, ], cve: "CVE-2020-1935", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2019-12-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806835", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenDaylight in Red Hat OpenStack 10 & 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1935", }, { category: "external", summary: "RHBZ#1806835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806835", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1935", url: "https://www.cve.org/CVERecord?id=CVE-2020-1935", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, ], release_date: "2020-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn't available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", }, { cve: "CVE-2020-1938", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806398", }, ], notes: [ { category: "description", text: "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1938", }, { category: "external", summary: "RHBZ#1806398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1938", url: "https://www.cve.org/CVERecord?id=CVE-2020-1938", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-03-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Moderate", }, ], title: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", }, { cve: "CVE-2020-11022", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828406", }, ], notes: [ { category: "description", text: "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", title: "Vulnerability summary", }, { category: "other", text: "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11022", }, { category: "external", summary: "RHBZ#1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11022", url: "https://www.cve.org/CVERecord?id=CVE-2020-11022", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", }, { category: "external", summary: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", url: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", }, ], release_date: "2020-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", }, { cve: "CVE-2020-11023", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1850004", }, ], notes: [ { category: "description", text: "A flaw was found in jQuery. HTML containing \\<option\\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11023", }, { category: "external", summary: "RHBZ#1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11023", url: "https://www.cve.org/CVERecord?id=CVE-2020-11023", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", }, { category: "external", summary: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", url: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", }, ], release_date: "2020-04-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", }, { acknowledgments: [ { names: [ "Christian Heimes", ], }, ], cve: "CVE-2020-15720", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1855273", }, ], notes: [ { category: "description", text: "A flaw was found in PKI, where the dogtag's pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki: Dogtag's python client does not validate certificates", title: "Vulnerability summary", }, { category: "other", text: "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-15720", }, { category: "external", summary: "RHBZ#1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-15720", url: "https://www.cve.org/CVERecord?id=CVE-2020-15720", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", }, ], release_date: "2020-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki: Dogtag's python client does not validate certificates", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { cve: "CVE-2022-25762", cwe: { id: "CWE-226", name: "Sensitive Information in Resource Not Removed Before Reuse", }, discovery_date: "2022-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2085304", }, ], notes: [ { category: "description", text: "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: request mixup", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25762", }, { category: "external", summary: "RHBZ#2085304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2085304", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25762", url: "https://www.cve.org/CVERecord?id=CVE-2022-25762", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", }, ], release_date: "2022-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: request mixup", }, ], }
rhsa-2021:0975
Vulnerability from csaf_redhat
Published
2021-03-23 16:57
Modified
2024-11-22 16:03
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0975", url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0975.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:03:09+00:00", generator: { date: "2024-11-22T16:03:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0975", initial_release_date: "2021-03-23T16:57:36+00:00", revision_history: [ { date: "2021-03-23T16:57:36+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-23T16:57:36+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:03:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.16-7.el7_7.noarch", product: { name: "pki-ca-0:10.5.16-7.el7_7.noarch", product_id: "pki-ca-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_id: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.16-7.el7_7.noarch", product: { name: "pki-kra-0:10.5.16-7.el7_7.noarch", product_id: "pki-kra-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.16-7.el7_7.noarch", product: { name: "pki-server-0:10.5.16-7.el7_7.noarch", product_id: "pki-server-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.16-7.el7_7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.16-7.el7_7.src", product: { name: "pki-core-0:10.5.16-7.el7_7.src", product_id: "pki-core-0:10.5.16-7.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.16-7.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_id: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_id: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_id: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.s390x", product: { name: "pki-tools-0:10.5.16-7.el7_7.s390x", product_id: "pki-tools-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
rhsa-2021_0975
Vulnerability from csaf_redhat
Published
2021-03-23 16:57
Modified
2024-11-22 16:03
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0975", url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0975.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:03:09+00:00", generator: { date: "2024-11-22T16:03:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0975", initial_release_date: "2021-03-23T16:57:36+00:00", revision_history: [ { date: "2021-03-23T16:57:36+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-23T16:57:36+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:03:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.16-7.el7_7.noarch", product: { name: "pki-ca-0:10.5.16-7.el7_7.noarch", product_id: "pki-ca-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_id: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.16-7.el7_7.noarch", product: { name: "pki-kra-0:10.5.16-7.el7_7.noarch", product_id: "pki-kra-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.16-7.el7_7.noarch", product: { name: "pki-server-0:10.5.16-7.el7_7.noarch", product_id: "pki-server-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.16-7.el7_7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.16-7.el7_7.src", product: { name: "pki-core-0:10.5.16-7.el7_7.src", product_id: "pki-core-0:10.5.16-7.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.16-7.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_id: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_id: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_id: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.s390x", product: { name: "pki-tools-0:10.5.16-7.el7_7.s390x", product_id: "pki-tools-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
RHSA-2020:4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2024-12-29 18:30
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:4847", url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", }, { category: "external", summary: "1376706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1376706", }, { category: "external", summary: "1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "1406505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1406505", }, { category: "external", summary: "1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "1666907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666907", }, { category: "external", summary: "1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "1706521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1706521", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1721684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1721684", }, { category: "external", summary: "1724433", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1724433", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1732981", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732981", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1805541", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805541", }, { category: "external", summary: "1817247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817247", }, { category: "external", summary: "1821851", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1821851", }, { category: "external", summary: "1822246", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1822246", }, { category: "external", summary: "1824939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824939", }, { category: "external", summary: "1824948", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824948", }, { category: "external", summary: "1825998", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1825998", }, { category: "external", summary: "1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "1842734", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842734", }, { category: "external", summary: "1842736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842736", }, { category: "external", summary: "1843537", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843537", }, { category: "external", summary: "1845447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1845447", }, { category: "external", summary: "1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "1854043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854043", }, { category: "external", summary: "1854959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854959", }, { category: "external", summary: "1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "1855319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855319", }, { category: "external", summary: "1856368", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1856368", }, { category: "external", summary: "1857933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1857933", }, { category: "external", summary: "1861911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1861911", }, { category: "external", summary: "1869893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869893", }, { category: "external", summary: "1871064", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1871064", }, { category: "external", summary: "1873235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1873235", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json", }, ], title: "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", tracking: { current_release_date: "2024-12-29T18:30:19+00:00", generator: { date: "2024-12-29T18:30:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.4", }, }, id: "RHSA-2020:4847", initial_release_date: "2020-11-04T01:39:43+00:00", revision_history: [ { date: "2020-11-04T01:39:43+00:00", number: "1", summary: "Initial version", }, { date: "2020-11-04T01:39:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-29T18:30:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-deps:10.6:8030020200527165326:30b713e6", product: { name: "pki-deps:10.6:8030020200527165326:30b713e6", product_id: "pki-deps:10.6:8030020200527165326:30b713e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-deps@10.6:8030020200527165326:30b713e6", }, }, }, { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch", }, }, }, { category: "product_version", name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_id: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-core:10.6:8030020200911215836:5ff1562f", product: { name: "pki-core:10.6:8030020200911215836:5ff1562f", product_id: "pki-core:10.6:8030020200911215836:5ff1562f", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-core@10.6:8030020200911215836:5ff1562f", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src", }, }, }, { category: "product_version", name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_id: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src&epoch=1", }, }, }, { category: "product_version", name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_id: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src", }, }, }, { category: "product_version", name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_id: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, product_reference: "pki-core:10.6:8030020200911215836:5ff1562f", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, product_reference: "pki-deps:10.6:8030020200527165326:30b713e6", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, ], }, vulnerabilities: [ { cve: "CVE-2015-9251", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2016-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1399546", }, ], notes: [ { category: "description", text: "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting via cross-domain ajax requests", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-9251", }, { category: "external", summary: "RHBZ#1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-9251", url: "https://www.cve.org/CVERecord?id=CVE-2015-9251", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", }, ], release_date: "2015-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting via cross-domain ajax requests", }, { cve: "CVE-2016-10735", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668097", }, ], notes: [ { category: "description", text: "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the data-target attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-10735", }, { category: "external", summary: "RHBZ#1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-10735", url: "https://www.cve.org/CVERecord?id=CVE-2016-10735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", }, ], release_date: "2016-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the data-target attribute", }, { cve: "CVE-2018-14040", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601614", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14040", }, { category: "external", summary: "RHBZ#1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14040", url: "https://www.cve.org/CVERecord?id=CVE-2018-14040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", }, { cve: "CVE-2018-14042", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601617", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14042", }, { category: "external", summary: "RHBZ#1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14042", url: "https://www.cve.org/CVERecord?id=CVE-2018-14042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", }, { cve: "CVE-2019-8331", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1686454", }, ], notes: [ { category: "description", text: "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the tooltip or popover data-template attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-8331", }, { category: "external", summary: "RHBZ#1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-8331", url: "https://www.cve.org/CVERecord?id=CVE-2019-8331", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", }, ], release_date: "2019-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the tooltip or popover data-template attribute", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { cve: "CVE-2019-11358", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-03-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1701972", }, ], notes: [ { category: "description", text: "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11358", }, { category: "external", summary: "RHBZ#1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11358", url: "https://www.cve.org/CVERecord?id=CVE-2019-11358", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", }, { category: "external", summary: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { category: "external", summary: "https://www.drupal.org/sa-core-2019-006", url: "https://www.drupal.org/sa-core-2019-006", }, ], release_date: "2019-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { acknowledgments: [ { names: [ "@ZeddYu", ], organization: "Apache Tomcat Security Team", }, ], cve: "CVE-2020-1935", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2019-12-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806835", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenDaylight in Red Hat OpenStack 10 & 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1935", }, { category: "external", summary: "RHBZ#1806835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806835", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1935", url: "https://www.cve.org/CVERecord?id=CVE-2020-1935", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, ], release_date: "2020-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn't available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", }, { cve: "CVE-2020-1938", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806398", }, ], notes: [ { category: "description", text: "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1938", }, { category: "external", summary: "RHBZ#1806398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1938", url: "https://www.cve.org/CVERecord?id=CVE-2020-1938", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-03-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Moderate", }, ], title: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", }, { cve: "CVE-2020-11022", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828406", }, ], notes: [ { category: "description", text: "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", title: "Vulnerability summary", }, { category: "other", text: "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11022", }, { category: "external", summary: "RHBZ#1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11022", url: "https://www.cve.org/CVERecord?id=CVE-2020-11022", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", }, { category: "external", summary: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", url: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", }, ], release_date: "2020-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", }, { cve: "CVE-2020-11023", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1850004", }, ], notes: [ { category: "description", text: "A flaw was found in jQuery. HTML containing \\<option\\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11023", }, { category: "external", summary: "RHBZ#1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11023", url: "https://www.cve.org/CVERecord?id=CVE-2020-11023", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", }, { category: "external", summary: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", url: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", }, ], release_date: "2020-04-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", }, { acknowledgments: [ { names: [ "Christian Heimes", ], }, ], cve: "CVE-2020-15720", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1855273", }, ], notes: [ { category: "description", text: "A flaw was found in PKI, where the dogtag's pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki: Dogtag's python client does not validate certificates", title: "Vulnerability summary", }, { category: "other", text: "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-15720", }, { category: "external", summary: "RHBZ#1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-15720", url: "https://www.cve.org/CVERecord?id=CVE-2020-15720", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", }, ], release_date: "2020-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki: Dogtag's python client does not validate certificates", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { cve: "CVE-2022-25762", cwe: { id: "CWE-226", name: "Sensitive Information in Resource Not Removed Before Reuse", }, discovery_date: "2022-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2085304", }, ], notes: [ { category: "description", text: "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: request mixup", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25762", }, { category: "external", summary: "RHBZ#2085304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2085304", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25762", url: "https://www.cve.org/CVERecord?id=CVE-2022-25762", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", }, ], release_date: "2022-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: request mixup", }, ], }
rhsa-2021_0819
Vulnerability from csaf_redhat
Published
2021-03-15 13:37
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0819", url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0819.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:02:44+00:00", generator: { date: "2024-11-22T16:02:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0819", initial_release_date: "2021-03-15T13:37:37+00:00", revision_history: [ { date: "2021-03-15T13:37:37+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-15T13:37:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.9-15.el7_6.noarch", product: { name: "pki-ca-0:10.5.9-15.el7_6.noarch", product_id: "pki-ca-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_id: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.9-15.el7_6.noarch", product: { name: "pki-kra-0:10.5.9-15.el7_6.noarch", product_id: "pki-kra-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.9-15.el7_6.noarch", product: { name: "pki-server-0:10.5.9-15.el7_6.noarch", product_id: "pki-server-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.9-15.el7_6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.9-15.el7_6.src", product: { name: "pki-core-0:10.5.9-15.el7_6.src", product_id: "pki-core-0:10.5.9-15.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.9-15.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_id: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_id: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_id: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.s390x", product: { name: "pki-tools-0:10.5.9-15.el7_6.s390x", product_id: "pki-tools-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
RHSA-2021:0975
Vulnerability from csaf_redhat
Published
2021-03-23 16:57
Modified
2024-11-22 16:03
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0975", url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0975.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:03:09+00:00", generator: { date: "2024-11-22T16:03:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0975", initial_release_date: "2021-03-23T16:57:36+00:00", revision_history: [ { date: "2021-03-23T16:57:36+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-23T16:57:36+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:03:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.7::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_id: "pki-base-java-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.16-7.el7_7.noarch", product: { name: "pki-ca-0:10.5.16-7.el7_7.noarch", product_id: "pki-ca-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_id: "pki-javadoc-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.16-7.el7_7.noarch", product: { name: "pki-kra-0:10.5.16-7.el7_7.noarch", product_id: "pki-kra-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.16-7.el7_7?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.16-7.el7_7.noarch", product: { name: "pki-server-0:10.5.16-7.el7_7.noarch", product_id: "pki-server-0:10.5.16-7.el7_7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.16-7.el7_7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.16-7.el7_7.src", product: { name: "pki-core-0:10.5.16-7.el7_7.src", product_id: "pki-core-0:10.5.16-7.el7_7.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.16-7.el7_7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_id: "pki-symkey-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_id: "pki-tools-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_id: "pki-symkey-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_id: "pki-tools-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_id: "pki-symkey-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.16-7.el7_7.s390x", product: { name: "pki-tools-0:10.5.16-7.el7_7.s390x", product_id: "pki-tools-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.16-7.el7_7?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_id: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.16-7.el7_7?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7)", product_id: "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.7)", product_id: "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-base-java-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-ca-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.16-7.el7_7.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", }, product_reference: "pki-core-0:10.5.16-7.el7_7.src", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-javadoc-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-kra-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.16-7.el7_7.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", }, product_reference: "pki-server-0:10.5.16-7.el7_7.noarch", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-symkey-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.ppc64le", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.s390x", relates_to_product_reference: "7Server-optional-7.7.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.16-7.el7_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.7)", product_id: "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", }, product_reference: "pki-tools-0:10.5.16-7.el7_7.x86_64", relates_to_product_reference: "7Server-optional-7.7.EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-23T16:57:36+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0975", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7ComputeNode-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-base-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-base-java-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-ca-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-core-0:10.5.16-7.el7_7.src", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-core-debuginfo-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-javadoc-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-kra-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-server-0:10.5.16-7.el7_7.noarch", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-symkey-0:10.5.16-7.el7_7.x86_64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.ppc64le", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.s390x", "7Server-optional-7.7.EUS:pki-tools-0:10.5.16-7.el7_7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
rhsa-2021:0851
Vulnerability from csaf_redhat
Published
2021-03-16 13:53
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security and bug fix update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0851", url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1883639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1883639", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0851.json", }, ], title: "Red Hat Security Advisory: pki-core security and bug fix update", tracking: { current_release_date: "2024-11-22T16:02:53+00:00", generator: { date: "2024-11-22T16:02:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0851", initial_release_date: "2021-03-16T13:53:30+00:00", revision_history: [ { date: "2021-03-16T13:53:30+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-16T13:53:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.18-12.el7_9.noarch", product: { name: "pki-ca-0:10.5.18-12.el7_9.noarch", product_id: "pki-ca-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_id: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.18-12.el7_9.noarch", product: { name: "pki-kra-0:10.5.18-12.el7_9.noarch", product_id: "pki-kra-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.18-12.el7_9.noarch", product: { name: "pki-server-0:10.5.18-12.el7_9.noarch", product_id: "pki-server-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.18-12.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.18-12.el7_9.src", product: { name: "pki-core-0:10.5.18-12.el7_9.src", product_id: "pki-core-0:10.5.18-12.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.18-12.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_id: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_id: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_id: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.s390x", product: { name: "pki-tools-0:10.5.18-12.el7_9.s390x", product_id: "pki-tools-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
rhsa-2021:0819
Vulnerability from csaf_redhat
Published
2021-03-15 13:37
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0819", url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0819.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:02:44+00:00", generator: { date: "2024-11-22T16:02:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0819", initial_release_date: "2021-03-15T13:37:37+00:00", revision_history: [ { date: "2021-03-15T13:37:37+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-15T13:37:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.9-15.el7_6.noarch", product: { name: "pki-ca-0:10.5.9-15.el7_6.noarch", product_id: "pki-ca-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_id: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.9-15.el7_6.noarch", product: { name: "pki-kra-0:10.5.9-15.el7_6.noarch", product_id: "pki-kra-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.9-15.el7_6.noarch", product: { name: "pki-server-0:10.5.9-15.el7_6.noarch", product_id: "pki-server-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.9-15.el7_6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.9-15.el7_6.src", product: { name: "pki-core-0:10.5.9-15.el7_6.src", product_id: "pki-core-0:10.5.9-15.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.9-15.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_id: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_id: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_id: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.s390x", product: { name: "pki-tools-0:10.5.9-15.el7_6.s390x", product_id: "pki-tools-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
RHSA-2021:0819
Vulnerability from csaf_redhat
Published
2021-03-15 13:37
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0819", url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0819.json", }, ], title: "Red Hat Security Advisory: pki-core security update", tracking: { current_release_date: "2024-11-22T16:02:44+00:00", generator: { date: "2024-11-22T16:02:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0819", initial_release_date: "2021-03-15T13:37:37+00:00", revision_history: [ { date: "2021-03-15T13:37:37+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-15T13:37:37+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product: { name: "Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS", product_identification_helper: { cpe: "cpe:/o:redhat:rhel_eus:7.6::server", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_id: "pki-base-java-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.9-15.el7_6.noarch", product: { name: "pki-ca-0:10.5.9-15.el7_6.noarch", product_id: "pki-ca-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_id: "pki-javadoc-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.9-15.el7_6.noarch", product: { name: "pki-kra-0:10.5.9-15.el7_6.noarch", product_id: "pki-kra-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.9-15.el7_6?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.9-15.el7_6.noarch", product: { name: "pki-server-0:10.5.9-15.el7_6.noarch", product_id: "pki-server-0:10.5.9-15.el7_6.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.9-15.el7_6?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.9-15.el7_6.src", product: { name: "pki-core-0:10.5.9-15.el7_6.src", product_id: "pki-core-0:10.5.9-15.el7_6.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.9-15.el7_6?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_id: "pki-symkey-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_id: "pki-tools-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_id: "pki-symkey-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_id: "pki-tools-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_id: "pki-symkey-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.9-15.el7_6.s390x", product: { name: "pki-tools-0:10.5.9-15.el7_6.s390x", product_id: "pki-tools-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.9-15.el7_6?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_id: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.9-15.el7_6?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6)", product_id: "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", product_id: "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.6)", product_id: "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-7.6.EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-base-java-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-ca-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.9-15.el7_6.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", }, product_reference: "pki-core-0:10.5.9-15.el7_6.src", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-javadoc-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-kra-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.9-15.el7_6.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", }, product_reference: "pki-server-0:10.5.9-15.el7_6.noarch", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-symkey-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.ppc64le", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.s390x", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.9-15.el7_6.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", product_id: "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", }, product_reference: "pki-tools-0:10.5.9-15.el7_6.x86_64", relates_to_product_reference: "7Server-optional-Alt-7.6-EUS", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-15T13:37:37+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0819", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7ComputeNode-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7ComputeNode-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-7.6.EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-base-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-base-java-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-ca-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-core-0:10.5.9-15.el7_6.src", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-core-debuginfo-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-javadoc-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-kra-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-server-0:10.5.9-15.el7_6.noarch", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-symkey-0:10.5.9-15.el7_6.x86_64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.ppc64le", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.s390x", "7Server-optional-Alt-7.6-EUS:pki-tools-0:10.5.9-15.el7_6.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
rhsa-2020:4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2024-12-29 18:30
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:4847", url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", }, { category: "external", summary: "1376706", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1376706", }, { category: "external", summary: "1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "1406505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1406505", }, { category: "external", summary: "1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "1666907", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666907", }, { category: "external", summary: "1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "1706521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1706521", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1721684", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1721684", }, { category: "external", summary: "1724433", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1724433", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1732981", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732981", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1805541", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805541", }, { category: "external", summary: "1817247", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817247", }, { category: "external", summary: "1821851", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1821851", }, { category: "external", summary: "1822246", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1822246", }, { category: "external", summary: "1824939", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824939", }, { category: "external", summary: "1824948", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1824948", }, { category: "external", summary: "1825998", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1825998", }, { category: "external", summary: "1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "1842734", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842734", }, { category: "external", summary: "1842736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1842736", }, { category: "external", summary: "1843537", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1843537", }, { category: "external", summary: "1845447", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1845447", }, { category: "external", summary: "1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "1854043", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854043", }, { category: "external", summary: "1854959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1854959", }, { category: "external", summary: "1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "1855319", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855319", }, { category: "external", summary: "1856368", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1856368", }, { category: "external", summary: "1857933", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1857933", }, { category: "external", summary: "1861911", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1861911", }, { category: "external", summary: "1869893", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1869893", }, { category: "external", summary: "1871064", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1871064", }, { category: "external", summary: "1873235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1873235", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json", }, ], title: "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update", tracking: { current_release_date: "2024-12-29T18:30:19+00:00", generator: { date: "2024-12-29T18:30:19+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.4", }, }, id: "RHSA-2020:4847", initial_release_date: "2020-11-04T01:39:43+00:00", revision_history: [ { date: "2020-11-04T01:39:43+00:00", number: "1", summary: "Initial version", }, { date: "2020-11-04T01:39:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-29T18:30:19+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-deps:10.6:8030020200527165326:30b713e6", product: { name: "pki-deps:10.6:8030020200527165326:30b713e6", product_id: "pki-deps:10.6:8030020200527165326:30b713e6", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-deps@10.6:8030020200527165326:30b713e6", }, }, }, { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch", }, }, }, { category: "product_version", name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_id: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_id: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_id: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch&epoch=1", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_id: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch", }, }, }, { category: "product_version", name: "pki-core:10.6:8030020200911215836:5ff1562f", product: { name: "pki-core:10.6:8030020200911215836:5ff1562f", product_id: "pki-core:10.6:8030020200911215836:5ff1562f", product_identification_helper: { purl: "pkg:rpmmod/redhat/pki-core@10.6:8030020200911215836:5ff1562f", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_id: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_id: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_id: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_id: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", product_identification_helper: { purl: "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src", }, }, }, { category: "product_version", name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_id: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_id: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_id: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src", }, }, }, { category: "product_version", name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_id: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src", }, }, }, { category: "product_version", name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_id: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_id: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src&epoch=1", }, }, }, { category: "product_version", name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_id: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_id: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src&epoch=1", }, }, }, { category: "product_version", name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_id: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_id: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_id: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_id: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_id: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_id: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_id: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_id: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_id: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_id: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", product_identification_helper: { purl: "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src", }, }, }, { category: "product_version", name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_id: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", product_identification_helper: { purl: "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_id: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", product_identification_helper: { purl: "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src", }, }, }, { category: "product_version", name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_id: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src", }, }, }, { category: "product_version", name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_id: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", product_identification_helper: { purl: "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_id: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64", }, }, }, { category: "product_version", name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, { category: "product_version", name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_id: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, product_reference: "pki-core:10.6:8030020200911215836:5ff1562f", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", }, product_reference: "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", }, product_reference: "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", }, product_reference: "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", }, product_reference: "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", }, product_reference: "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", }, product_reference: "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", }, { category: "default_component_of", full_product_name: { name: "pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, product_reference: "pki-deps:10.6:8030020200527165326:30b713e6", relates_to_product_reference: "AppStream-8.3.0.GA", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", }, product_reference: "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", }, product_reference: "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", }, product_reference: "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", }, product_reference: "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", }, product_reference: "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", }, product_reference: "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", }, product_reference: "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, { category: "default_component_of", full_product_name: { name: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", }, product_reference: "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", relates_to_product_reference: "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", }, ], }, vulnerabilities: [ { cve: "CVE-2015-9251", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2016-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1399546", }, ], notes: [ { category: "description", text: "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting via cross-domain ajax requests", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-9251", }, { category: "external", summary: "RHBZ#1399546", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1399546", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-9251", url: "https://www.cve.org/CVERecord?id=CVE-2015-9251", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-9251", }, ], release_date: "2015-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting via cross-domain ajax requests", }, { cve: "CVE-2016-10735", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-09T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668097", }, ], notes: [ { category: "description", text: "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the data-target attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-10735", }, { category: "external", summary: "RHBZ#1668097", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668097", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-10735", url: "https://www.cve.org/CVERecord?id=CVE-2016-10735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-10735", }, ], release_date: "2016-06-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the data-target attribute", }, { cve: "CVE-2018-14040", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601614", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14040", }, { category: "external", summary: "RHBZ#1601614", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601614", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14040", url: "https://www.cve.org/CVERecord?id=CVE-2018-14040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14040", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute", }, { cve: "CVE-2018-14042", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2018-07-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1601617", }, ], notes: [ { category: "description", text: "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 and newer versions don't use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14042", }, { category: "external", summary: "RHBZ#1601617", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1601617", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14042", url: "https://www.cve.org/CVERecord?id=CVE-2018-14042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14042", }, ], release_date: "2018-05-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip", }, { cve: "CVE-2019-8331", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1686454", }, ], notes: [ { category: "description", text: "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.", title: "Vulnerability description", }, { category: "summary", text: "bootstrap: XSS in the tooltip or popover data-template attribute", title: "Vulnerability summary", }, { category: "other", text: "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don't use the vulnerable component at all.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-8331", }, { category: "external", summary: "RHBZ#1686454", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686454", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-8331", url: "https://www.cve.org/CVERecord?id=CVE-2019-8331", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-8331", }, ], release_date: "2019-02-11T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bootstrap: XSS in the tooltip or popover data-template attribute", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { cve: "CVE-2019-11358", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-03-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1701972", }, ], notes: [ { category: "description", text: "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11358", }, { category: "external", summary: "RHBZ#1701972", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1701972", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11358", url: "https://www.cve.org/CVERecord?id=CVE-2019-11358", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", }, { category: "external", summary: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", url: "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", }, { category: "external", summary: "https://www.drupal.org/sa-core-2019-006", url: "https://www.drupal.org/sa-core-2019-006", }, ], release_date: "2019-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { acknowledgments: [ { names: [ "@ZeddYu", ], organization: "Apache Tomcat Security Team", }, ], cve: "CVE-2020-1935", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2019-12-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806835", }, ], notes: [ { category: "description", text: "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", title: "Vulnerability summary", }, { category: "other", text: "OpenDaylight in Red Hat OpenStack 10 & 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1935", }, { category: "external", summary: "RHBZ#1806835", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806835", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1935", url: "https://www.cve.org/CVERecord?id=CVE-2020-1935", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1935", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, ], release_date: "2020-02-24T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn't available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling", }, { cve: "CVE-2020-1938", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2020-02-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1806398", }, ], notes: [ { category: "description", text: "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1938", }, { category: "external", summary: "RHBZ#1806398", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1806398", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1938", url: "https://www.cve.org/CVERecord?id=CVE-2020-1938", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1938", }, { category: "external", summary: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", url: "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", }, { category: "external", summary: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", url: "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51", }, { category: "external", summary: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", url: "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31", }, { category: "external", summary: "https://www.cnvd.org.cn/webinfo/show/5415", url: "https://www.cnvd.org.cn/webinfo/show/5415", }, { category: "external", summary: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", url: "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", }, { category: "external", summary: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", url: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, ], release_date: "2020-02-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "exploit_status", date: "2022-03-03T00:00:00+00:00", details: "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog", }, { category: "impact", details: "Moderate", }, ], title: "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability", }, { cve: "CVE-2020-11022", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1828406", }, ], notes: [ { category: "description", text: "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the ‘HTML’ function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", title: "Vulnerability summary", }, { category: "other", text: "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11022", }, { category: "external", summary: "RHBZ#1828406", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1828406", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11022", url: "https://www.cve.org/CVERecord?id=CVE-2020-11022", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", }, { category: "external", summary: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", url: "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", }, ], release_date: "2020-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", }, { cve: "CVE-2020-11023", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1850004", }, ], notes: [ { category: "description", text: "A flaw was found in jQuery. HTML containing \\<option\\> elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-11023", }, { category: "external", summary: "RHBZ#1850004", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1850004", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-11023", url: "https://www.cve.org/CVERecord?id=CVE-2020-11023", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", }, { category: "external", summary: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", url: "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", }, ], release_date: "2020-04-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods", }, { acknowledgments: [ { names: [ "Christian Heimes", ], }, ], cve: "CVE-2020-15720", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, discovery_date: "2020-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1855273", }, ], notes: [ { category: "description", text: "A flaw was found in PKI, where the dogtag's pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki: Dogtag's python client does not validate certificates", title: "Vulnerability summary", }, { category: "other", text: "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-15720", }, { category: "external", summary: "RHBZ#1855273", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1855273", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-15720", url: "https://www.cve.org/CVERecord?id=CVE-2020-15720", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-15720", }, ], release_date: "2020-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki: Dogtag's python client does not validate certificates", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { cve: "CVE-2022-25762", cwe: { id: "CWE-226", name: "Sensitive Information in Resource Not Removed Before Reuse", }, discovery_date: "2022-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2085304", }, ], notes: [ { category: "description", text: "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: request mixup", title: "Vulnerability summary", }, { category: "other", text: "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25762", }, { category: "external", summary: "RHBZ#2085304", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2085304", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25762", url: "https://www.cve.org/CVERecord?id=CVE-2022-25762", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25762", }, { category: "external", summary: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", url: "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76", }, ], release_date: "2022-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-11-04T01:39:43+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:4847", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", version: "3.1", }, products: [ "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch", "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "tomcat: request mixup", }, ], }
RHSA-2021:0851
Vulnerability from csaf_redhat
Published
2021-03-16 13:53
Modified
2024-11-22 16:02
Summary
Red Hat Security Advisory: pki-core security and bug fix update
Notes
Topic
An update for pki-core is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)
* pki-core: XSS in the certificate search results (CVE-2020-25715)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for pki-core is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)\n\n* pki-core: XSS in the certificate search results (CVE-2020-25715)\n\n* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Add KRA Transport and Storage Certificates profiles, audit for IPA (BZ#1883639)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2021:0851", url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "1883639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1883639", }, { category: "external", summary: "1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0851.json", }, ], title: "Red Hat Security Advisory: pki-core security and bug fix update", tracking: { current_release_date: "2024-11-22T16:02:53+00:00", generator: { date: "2024-11-22T16:02:53+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2021:0851", initial_release_date: "2021-03-16T13:53:30+00:00", revision_history: [ { date: "2021-03-16T13:53:30+00:00", number: "1", summary: "Initial version", }, { date: "2021-03-16T13:53:30+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T16:02:53+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "pki-base-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_id: "pki-base-java-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-base-java@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-ca-0:10.5.18-12.el7_9.noarch", product: { name: "pki-ca-0:10.5.18-12.el7_9.noarch", product_id: "pki-ca-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-ca@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_id: "pki-javadoc-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-javadoc@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-kra-0:10.5.18-12.el7_9.noarch", product: { name: "pki-kra-0:10.5.18-12.el7_9.noarch", product_id: "pki-kra-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-kra@10.5.18-12.el7_9?arch=noarch", }, }, }, { category: "product_version", name: "pki-server-0:10.5.18-12.el7_9.noarch", product: { name: "pki-server-0:10.5.18-12.el7_9.noarch", product_id: "pki-server-0:10.5.18-12.el7_9.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/pki-server@10.5.18-12.el7_9?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "pki-core-0:10.5.18-12.el7_9.src", product: { name: "pki-core-0:10.5.18-12.el7_9.src", product_id: "pki-core-0:10.5.18-12.el7_9.src", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core@10.5.18-12.el7_9?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_id: "pki-symkey-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_id: "pki-tools-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=x86_64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64le", }, }, }, { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_id: "pki-symkey-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_id: "pki-tools-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=ppc64", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_id: "pki-symkey-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-symkey@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-tools-0:10.5.18-12.el7_9.s390x", product: { name: "pki-tools-0:10.5.18-12.el7_9.s390x", product_id: "pki-tools-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-tools@10.5.18-12.el7_9?arch=s390x", }, }, }, { category: "product_version", name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_id: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pki-core-debuginfo@10.5.18-12.el7_9?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Client-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Server-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-base-java-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-base-java-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-ca-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-ca-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-0:10.5.18-12.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", }, product_reference: "pki-core-0:10.5.18-12.el7_9.src", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-javadoc-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-javadoc-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-kra-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-kra-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-server-0:10.5.18-12.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", }, product_reference: "pki-server-0:10.5.18-12.el7_9.noarch", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-symkey-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-symkey-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.ppc64le", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.s390x", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, { category: "default_component_of", full_product_name: { name: "pki-tools-0:10.5.18-12.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", }, product_reference: "pki-tools-0:10.5.18-12.el7_9.x86_64", relates_to_product_reference: "7Workstation-optional-7.9.Z", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10146", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-05-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710171", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", title: "Vulnerability summary", }, { category: "other", text: "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim's browser.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10146", }, { category: "external", summary: "RHBZ#1710171", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710171", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10146", url: "https://www.cve.org/CVERecord?id=CVE-2019-10146", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10146", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10179", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-04-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1695901", }, ], notes: [ { category: "description", text: "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10179", }, { category: "external", summary: "RHBZ#1695901", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1695901", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10179", url: "https://www.cve.org/CVERecord?id=CVE-2019-10179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10179", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2019-10221", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-07-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1732565", }, ], notes: [ { category: "description", text: "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-10221", }, { category: "external", summary: "RHBZ#1732565", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732565", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-10221", url: "https://www.cve.org/CVERecord?id=CVE-2019-10221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-10221", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: Reflected XSS in getcookies?url= endpoint in CA", }, { acknowledgments: [ { names: [ "Pritam Singh", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1721", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-11-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1777579", }, ], notes: [ { category: "description", text: "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1721", }, { category: "external", summary: "RHBZ#1777579", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1721", url: "https://www.cve.org/CVERecord?id=CVE-2020-1721", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, ], release_date: "2020-02-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "pki-core: KRA vulnerable to reflected XSS via the getPk12 page", }, { cve: "CVE-2020-25715", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2020-10-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1891016", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: XSS in the certificate search results", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-25715", }, { category: "external", summary: "RHBZ#1891016", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1891016", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-25715", url: "https://www.cve.org/CVERecord?id=CVE-2020-25715", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-25715", }, ], release_date: "2021-03-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, { category: "workaround", details: "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "pki-core: XSS in the certificate search results", }, { acknowledgments: [ { names: [ "Fraser Tweedale", "Geetika Kapoor", ], }, ], cve: "CVE-2021-20179", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, discovery_date: "2021-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1914379", }, ], notes: [ { category: "description", text: "A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.", title: "Vulnerability description", }, { category: "summary", text: "pki-core: Unprivileged users can renew any certificate", title: "Vulnerability summary", }, { category: "other", text: "- Red Hat Certificate System 10.1 has been fixed via the Red Hat Enterprise Linux 8 errata RHSA-2021:0966\n- Red Hat Certificate System 10.2 and newer are not affected by this flaw", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-20179", }, { category: "external", summary: "RHBZ#1914379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1914379", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-20179", url: "https://www.cve.org/CVERecord?id=CVE-2021-20179", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-20179", }, ], release_date: "2021-03-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2021-03-16T13:53:30+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2021:0851", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Client-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Client-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7ComputeNode-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Server-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-base-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-base-java-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-ca-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-core-0:10.5.18-12.el7_9.src", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-core-debuginfo-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-javadoc-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-kra-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-server-0:10.5.18-12.el7_9.noarch", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-symkey-0:10.5.18-12.el7_9.x86_64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.ppc64le", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.s390x", "7Workstation-optional-7.9.Z:pki-tools-0:10.5.18-12.el7_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "pki-core: Unprivileged users can renew any certificate", }, ], }
ghsa-j9fq-77vj-2ww7
Vulnerability from github
Published
2022-05-24 17:49
Modified
2022-05-24 17:49
Details
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
{ affected: [], aliases: [ "CVE-2020-1721", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2021-04-30T12:15:00Z", severity: "MODERATE", }, details: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", id: "GHSA-j9fq-77vj-2ww7", modified: "2022-05-24T17:49:18Z", published: "2022-05-24T17:49:18Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1721", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], schema_version: "1.4.0", severity: [], }
gsd-2020-1721
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-1721", description: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", id: "GSD-2020-1721", references: [ "https://access.redhat.com/errata/RHSA-2021:0975", "https://access.redhat.com/errata/RHSA-2021:0851", "https://access.redhat.com/errata/RHSA-2021:0819", "https://access.redhat.com/errata/RHSA-2020:4847", "https://linux.oracle.com/cve/CVE-2020-1721.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-1721", ], details: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", id: "GSD-2020-1721", modified: "2023-12-13T01:21:57.543821Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1721", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "pki-core", version: { version_data: [ { version_value: "pki-core 10.10.5", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:dogtagpki:dogtagpki:10.10.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-1721", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-79", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", refsource: "MISC", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, }, }, lastModifiedDate: "2021-05-10T20:16Z", publishedDate: "2021-04-30T12:15Z", }, }, }
fkie_cve-2020-1721
Vulnerability from fkie_nvd
Published
2021-04-30 12:15
Modified
2024-11-21 05:11
Severity ?
Summary
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1777579 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1777579 | Issue Tracking, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dogtagpki:dogtagpki:10.10.5:*:*:*:*:*:*:*", matchCriteriaId: "F74D2549-D845-4550-A520-6487B2754665", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-site scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.", }, { lang: "es", value: "Se detectó un fallo en el Agent Service de Key Recovery Authority (KRA) en pki-core versión 10.10.5, donde no sanea apropiadamente el ID de recuperación durante una petición de recuperación de clave, permitiendo una vulnerabilidad de tipo cross-site scripting (XSS) reflejado. Un atacante podría engañar a una víctima autenticada para que ejecute un código Javascript especialmente diseñado.", }, ], id: "CVE-2020-1721", lastModified: "2024-11-21T05:11:14.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-30T12:15:07.410", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1777579", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.